Windows 2003 LAN; DC and EXCHANGE on separate boxes; no separate front-end Exchange.
Configured everything according to:
outlook /rpcdiag shows that we are NOT connecting over https, even in the LAN
https://mail.domain.com/rpc prompts for credentials WITHOUT a certificate error, so we believe the certificate is doing just fine.
On exchange, the rpcproxy \ Validports registry entry (names have been changed to protect the innocent):
mail.domain.com is external name
exchange and exchange.domain.com are internal names
(note domain.com is the same internal and external, but shouldn't be a problem to get internal working)
Had trouble with this reg entry until I found "rpccfg /hd" which helped identify an extra semi-colon.
rpccfg /hd works now with expected results. Not sure though whether this box would still need a restart for the registry change to 'take' otherwise when rpccfg /hd yields the expected results.
I'm thinking the next steps are troubleshooting using rpcping
Not sure the switches that would be best to use, but running from a client I get:
Exception 5 (0x00000005)
running it on the server I get:
Completed 1 calls in 1 ms
1000 T/S or 1.000 ms/T